﻿<?php
// NOTE(review): this file appears to begin with a UTF-8 BOM ahead of the opening tag. If that is
// present in the deployed file it is emitted as output, and session_start()/header() below can
// then fail with "headers already sent" unless output buffering is enabled.
// Start the session before anything else is sent.
session_start();
// Project bootstrap. $domainName and the helpers used further down (trims(), select_Object(),
// delete_Object()) are presumably defined there; none of them is visible in this file.
include '../../corePage/common.php';
// Every handler answers with a JSON body.
header('Content-type:application/json;charset=UTF-8');
// NOTE(review): the allowed CORS origin comes from $domainName; confirm it is a single trusted
// origin and never "*", since this endpoint deletes accounts.
header('Access-Control-Allow-Origin: ' . $domainName);
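# Read the caller's credentials and the target user from the request.
# A missing parameter is passed on as null instead of raising an undefined-index notice,
# which would otherwise be printed into the JSON response when display_errors is on.
# NOTE(review): $_REQUEST also covers the query string, so credentials sent by GET can end up
# in access logs and browser history - confirm clients only ever POST them.
$sys_username = trims(isset($_REQUEST['sys_username']) ? $_REQUEST['sys_username'] : null);
$sys_password = trims(isset($_REQUEST['sys_password']) ? $_REQUEST['sys_password'] : null);
# Target selectors: userId is used as-is, userName goes through trims().
$userId = isset($_REQUEST['userId']) ? $_REQUEST['userId'] : null;
$username = trims(isset($_REQUEST['userName']) ? $_REQUEST['userName'] : null);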

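// Name of the handler to run for this request.
/**
 * Map the request's "func" parameter to the handler that will be invoked.
 *
 * Only handlers on the fixed list below are accepted. Checking function_exists() alone would
 * accept every built-in function and every function pulled in by include, and the resolved
 * name is called at the end of this file. Add new endpoint handlers to the list explicitly.
 *
 * @param array $request request parameters (normally $_REQUEST)
 * @return string an allowed handler name, "nofunc" for any other value, "lackfunc" when func is absent
 */
function resolveRequestedFunc($request){
    $allowedHandlers = array('deleteByUserName', 'deleteByUserId');
    if(!isset($request['func'])){
        return "lackfunc";
    }
    $requested = $request['func'];
    // func[]=... arrives as an array and can never name a handler.
    if(!is_string($requested)){
        return "nofunc";
    }
    // PHP function names are case-insensitive, so match that way and return the canonical spelling.
    foreach($allowedHandlers as $handler){
        if(strcasecmp($handler, $requested) === 0){
            return $handler;
        }
    }
    return "nofunc";
}
$func = resolveRequestedFunc($_REQUEST);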

/**
 * Error response used when the request carries no "func" parameter.
 * Prints a fixed JSON error object and returns nothing.
 */
function lackfunc(){
	$body = '{"status":"error","info":"func is lack"}';
	echo $body;
}

/**
 * Error response used when the requested "func" does not name a usable handler.
 * Prints a fixed JSON error object and returns nothing.
 */
function nofunc(){
	$body = '{"status":"error","info":"function is not exists"}';
	echo $body;
}

/**
 * Delete a user account selected by user name.
 *
 * Reads the caller's credentials ($sys_username / $sys_password) and the target $username from
 * globals and echoes a JSON status object. Error codes:
 *   100 a required parameter is missing
 *   10  not logged in
 *   114 caller could not be authenticated
 *   113 caller's level is below 1023
 *   112 target user not found, or its level is not below the caller's
 *   111 the delete statement failed
 *
 * NOTE(review): request-derived values are interpolated directly into the SQL text below. Unless
 * trims() escapes quotes (not visible in this file), both lookups are exposed to SQL injection,
 * and the first of them is the authentication check itself. The fix belongs in the DB helper:
 * bound parameters instead of string-built statements.
 * NOTE(review): the password is matched by equality inside the query, which suggests it is stored
 * unhashed or hashed by the client - confirm; password_hash()/password_verify() is the expected pattern.
 *
 * @return false|null false on the two early failures (codes 100 and 10), null on every other path
 */
function deleteByUserName(){
	global $database_prefix,$userTableName,$username_field,$password_field,$sys_username,$sys_password,$username;
	# Incomplete parameters
	if(!$sys_username || !$sys_password || !$username){
		echo '{"status":"error","errorCode":"100"}';
		return false;
	}
	# Establish the caller's privilege level
	$caller = null;
	$sys_level = null;
	if(isset($sys_username) && isset($sys_password) ){
		$authSql = "select * from {$database_prefix}_{$userTableName} where {$username_field} = '$sys_username' and {$password_field} = '$sys_password'";
		$caller = select_Object($authSql);
	}elseif(isset($_SESSION['sys_level'])){
		# NOTE(review): the guard above already requires both credentials, so this session
		# fallback and the "not logged in" branch after it look unreachable - confirm intent.
		$sys_level = $_SESSION['sys_level'];
	}else{
		# Not logged in
		echo '{"status":"error","errorCode":"10"}';
		return false;
	}
	# Caller verification failed [114]
	if(!$caller && !$sys_level){
		echo '{"status":"error","errorCode":"114"}';
		return;
	}
	if(isset($caller)){
		$sys_level = $caller['level'];
	}
	# Level must be at least 1023, otherwise insufficient privileges [113]
	if((int)$sys_level < 1023){
		echo '{"status":"error","errorCode":"113"}';
		return;
	}
	# The target must exist and rank strictly below the caller
	$targetSql = "select * from {$database_prefix}_{$userTableName} where {$username_field} = '$username' and level < '$sys_level'";
	$target = select_Object($targetSql);
	if(!$target){
		# User name does not exist or privileges are insufficient [112]
		echo '{"status":"error","errorCode":"112"}';
		return;
	}
	$targetId = $target['id'];
	$deleteSql = "delete from {$database_prefix}_{$userTableName} where id = '$targetId'";
	$deleted = delete_Object($deleteSql);
	if($deleted){
		# Delete succeeded
		echo '{"status":"success"}';
	}else{
		# Delete failed [111]
		echo '{"status":"error","errorCode":"111"}';
	}
}

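/**
 * Delete a user account selected by its id.
 *
 * Reads the caller's credentials ($sys_username / $sys_password) and the target $userId from
 * globals and echoes a JSON status object. Error codes:
 *   100 a required parameter is missing or the id is not a plain number
 *   114 caller could not be authenticated
 *   113 caller's level is below 1023
 *   112 target user not found, or its level is not below the caller's
 *   111 the delete statement failed
 *
 * NOTE(review): the credential lookup still interpolates request-derived strings into the SQL
 * text. Unless trims() escapes quotes (not visible in this file) it is exposed to SQL injection;
 * the fix belongs in the DB helper (bound parameters), which cannot be changed from here.
 * NOTE(review): the password is matched by equality inside the query, which suggests it is stored
 * unhashed or hashed by the client - confirm; password_hash()/password_verify() is the expected pattern.
 *
 * @return false|null false when parameters are rejected (code 100), null on every other path
 */
function deleteByUserId(){
	global $database_prefix,$userTableName,$username_field,$password_field,$sys_username,$sys_password,$userId;
	# Incomplete parameters: same errorCode 100 contract as deleteByUserName()
	if(!$sys_username || !$sys_password || !$userId){
		echo '{"status":"error","errorCode":"100"}';
		return false;
	}
	# $userId comes straight from the request and is placed into SQL below, so accept digits only.
	# assumes ids are numeric - TODO confirm against the table definition
	$targetId = is_int($userId) ? (string)$userId : $userId;
	if(!is_string($targetId) || preg_match('/\A[0-9]+\z/', $targetId) !== 1){
		echo '{"status":"error","errorCode":"100"}';
		return false;
	}
	# Establish the caller's privilege level
	$sql="select * from ".$database_prefix."_".$userTableName." where ".$username_field." = '$sys_username' and ".$password_field." = '$sys_password'";
	$caller = select_Object($sql);
	if(!$caller){
		# Caller verification failed [114]
		echo '{"status":"error","errorCode":"114"}';
		return;
	}
	# Cast once so the comparison and the SQL below both see a plain integer
	$sys_level = (int)$caller['level'];
	if($sys_level < 1023){
		# Insufficient privileges [113]
		echo '{"status":"error","errorCode":"113"}';
		return;
	}
	# Look the target up by id ($username is not in scope in this function); it must rank
	# strictly below the caller.
	$sql="select * from ".$database_prefix."_".$userTableName." where id = '$targetId' and level < '$sys_level'";
	$target = select_Object($sql);
	if(!$target){
		# User does not exist or privileges are insufficient [112]
		echo '{"status":"error","errorCode":"112"}';
		return;
	}
	$sql="delete from ".$database_prefix."_".$userTableName." where id = '$targetId'";
	$deleted = delete_Object($sql);
	if($deleted){
		# Delete succeeded
		echo '{"status":"success"}';
	}else{
		# Delete failed [111]
		echo '{"status":"error","errorCode":"111"}';
	}
}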

/** End of the custom handler functions **/
// Run the resolved handler. The handlers print their own JSON, so the echo only emits
// whatever the handler returns (nothing for null or false).
// NOTE(review): $func must only ever hold a name from a fixed set of this file's handlers;
// a name that merely passes function_exists() could be any defined function.
$handlerResult = $func();
echo $handlerResult;
?>